CVE-2011-0538
wireshark - several
EPSS 24.0%
Description
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.
How to fix CVE-2011-0538
To remediate CVE-2011-0538, upgrade the affected package to a fixed version below.
- Debian/wireshark—upgrade to 1.4.3-3 or later
- Debian/wireshark—upgrade to 1.0.2-3+lenny13 or later
Is CVE-2011-0538 being exploited?
Moderate — EPSS is 24.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.4.3-3
- from 0, < 1.0.2-3+lenny13